Spring Security
  1. Spring Security
  2. SEC-1135

No support for LDAP {md5} encryption scheme

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 RC1
    • Component/s: Core, LDAP
    • Labels:
      None

      Description

      LDAP (at least openLDAP, but I assume its a standard) prefixes encrypted passwords in the userPassword field with the encryption used.
      If you are doing password comparison, it will fail if you do not prefix the user password with the encryption.
      In spring you can therefore choose

      {sha}

      as the encryption type instead of sha.

      However, there is no md5 equivalent (there is no

      {md5}

      ) so now its not possible to do the password comparison with md5 out of the box.

        Activity

        Hide
        Luke Taylor added a comment -

        it's true we don't support this, however MD5 use is relatively rare compared with SHA or SSHA and is largely confined to legacy systems. It should be trivial to implement, so feel free to upload a patch and we will consider it for addition to the codebase.

        Show
        Luke Taylor added a comment - it's true we don't support this, however MD5 use is relatively rare compared with SHA or SSHA and is largely confined to legacy systems. It should be trivial to implement, so feel free to upload a patch and we will consider it for addition to the codebase.
        Hide
        Luke Taylor added a comment -

        This isn't something we are likely to get round to resourcing. MD5 is rarely used compared with SHA and SSHA and would not be chosen as a preference. If it's a feature you really want to see please submit a patch and we'll consider adding it to the codebase.

        Show
        Luke Taylor added a comment - This isn't something we are likely to get round to resourcing. MD5 is rarely used compared with SHA and SSHA and would not be chosen as a preference. If it's a feature you really want to see please submit a patch and we'll consider adding it to the codebase.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            errorken
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: